Exambible offers free demo for 400 101 dumps exam. "CCIE Routing and Switching (v5.0)", also known as 400 101 pdf exam, is a Cisco Certification. This set of posts, Passing the Cisco cisco 400 101 exam, will help you answer those questions. The 400 101 pdf Questions & Answers covers all the knowledge points of the real exam. 100% real Cisco cisco 400 101 exams and revised by experts!

Q111. For which kind of MPLS deployment is the next-hop-self all keyword used on a BGP neighbor command? 

A. 6VPE 

B. MPLS Carrier's carrier 

C. inter-AS MPLS VPN option D 

D. inter-AS MPLS VPN option C 

E. Unified MPLS 

Answer:

Explanation: 

Since the core and aggregation parts of the network are integrated and end-to-end LSPs are provided, the Unified MPLS solution is also referred to as "Seamless MPLS." New technologies or protocols are not used here, only MPLS, Label Distribution Protocol (LDP), IGP, and BGP. Since you do not want to distribute the loopback prefixes of the PE routers from one part of the network into another part, you need to carry the prefixes in BGP. The Internal Border Gateway Protocol (iBGP) is used in one network, so the next hop address of the prefixes is the loopback prefixes of the PE routers, which is not known by the IGP in the other parts of the network. This means that the next hop address cannot be used to recurse to an IGP prefix. The trick is to make the ABR routers Route Reflectors (RR) and set the next hop to self, even for the reflected iBGP prefixes. In order for this to work, a new knob is needed. Only the RRs need newer software to support this architecture. Since the RRs advertise the BGP prefixes with the next hop set to themselves, they assign a local MPLS label to the BGP prefixes. This means that in the data plane, the packets forwarded on these end-to-end LSPs have an extra MPLS label in the label stack. The RRs are in the forwarding path. There are two possible scenarios: 

. The ABR does not set the next hop to self for the prefixes advertised (reflected by BGP) by the ABR into the aggregation part of the network. Because of this, the ABR needs to redistribute the loopback prefixes of the ABRs from the core IGP into the aggregation IGP. If this is done, there is still scalability. Only the ABR loopback prefixes (from the core) need to be advertised into the aggregation part, not the loopback prefixes from the PE routers from the remote aggregation parts. 

. The ABR sets the next hop to self for the prefixes advertised (reflected by BGP) by the ABR into the aggregation part. Because of this, the ABR does not need to redistribute the loopback prefixes of the ABRs from the core IGP into the aggregation IGP. 

In both scenarios, the ABR sets the next hop to self for the prefixes advertised (reflected by BGP) by the ABR from the aggregation part of the network into the core part. If this is not done, the ABR needs to redistribute the loopback prefixes of the PEs from the aggregation IGP into the core IGP. If this is done, there is no scalability. In order to set the next hop to self for reflected iBGP routes, you must configure the neighbor x.x.x.x next-hop-self all command. 

Reference: http://www.cisco.com/c/en/us/support/docs/multiprotocol-label-switching-mpls/mpls/116127-configure-technology-00.html 


Q112. Which cache aggregation scheme is supported by NetFlow ToS-based router aggregation? 

A. prefix-port 

B. AS 

C. protocol port 

D. destination prefix 

Answer:


Q113. Which two statements about the max-age time in IS-IS are true? (Choose two.) 

A. The IS-IS max-age time is 20 minutes by default. 

B. The IS-IS max-age time is 60 minutes by default. 

C. The IS-IS max-age time increments from zero to max-age. 

D. The IS-IS max-age time decrements from max-age to zero. 

Answer: A,D 


Q114. Which two statements about MAC ACLs are true? (Choose two.) 

A. They support only inbound filtering. 

B. They support both inbound and outbound filtering. 

C. They are configured with the command mac access-list standard. 

D. They can filter non-IP traffic on a VLAN and on a physical interface. 

Answer: A,D 

Explanation: 

MAC ACL, also known as Ethernet ACL, can filter non-IP traffic on a VLAN and on a physical Layer 2 interface by using MAC addresses in a named MAC extended ACL. The steps to configure a MAC ACL are similar to those of extended named ACLs. MAC ACL supports only inbound traffic filtering. 

Reference: http://www.ciscopress.com/articles/article.asp?p=1181682&seqNum=4 


Q115. Which two commands enable OSPF graceful shutdown? (Choose two.) 

A. nsf cisco 

B. ip ospf shutdown 

C. shutdown 

D. nsf ietf helper disable 

Answer: B,C 


Q116. DRAG DROP 

Drag and drop the RIP configuration command on the left to the function it performs on the right. 

Answer: 


Q117. Which two statements about IPsec VTI implementation are true? (Choose two.) 

A. The IKE SA can be bound to the VTI and the crypto map. 

B. The transform set can be configured only in tunnel mode. 

C. SVTIs support only a single IPsec SA. 

D. SVTIs support IPv4 packets that carry IPv6 packets. 

Answer: B,C 


Q118. Refer to the exhibit. 

R1 and R2 both advertise 10.50.1.0/24 to R3 and R4 as shown. R1 is the primary path. Which path does traffic take from the R4 data center to the file server? 

A. All traffic travels from R4 to R2 to the file server. 

B. All traffic travels from R4 to R3 to R1 to the file server. 

C. Traffic is load-balanced from R4 to R2 and R3. Traffic that is directed to R3 then continues to R1 to the file server. Traffic that is directed to R2 continues to the file server. 

D. All traffic travels from R4 to R2 to R1 to the file server. 

Answer:


Q119. What are two benefits of NVI? (Choose two.) 

A. It provides scalability by maintaining a NAT table on every interface. 

B. It can dynamically create a static route to the NAT pool for translation. 

C. It supports the use of route maps for policy-based NAT. 

D. It supports the use of a single interface for translations. 

E. It injects a route into the existing routing protocol that directs translation to the NAT pool. 

Answer: A,B 


Q120. According to RFC 4577, OSPF for BGP/MPLS IP VPNs, when must the down bit be set? 

A. when an OSPF route is distributed from the PE to the CE, for Type 3 LSAs 

B. when an OSPF route is distributed from the PE to the CE, for Type 5 LSAs 

C. when an OSPF route is distributed from the PE to the CE, for Type 3 and Type 5 LSAs 

D. when an OSPF route is distributed from the PE to the CE, for all types of LSAs 

Answer:

Explanation: 

If an OSPF route is advertised from a PE router into an OSPF area, the Down bit (DN) is set. Another PE router in the same area does not redistribute this route into iBGP of the MPLS VPN network if down is set. 

RFC 4577 says: 

“When a type 3 LSA is sent from a PE router to a CE router, the DN bit in the LSA Options field MUST be set. This is used to ensure that if any CE router sends this type 3 LSA to a PE router, the PE router will not redistribute it further. When a PE router needs to distribute to a CE router a route that comes from a site outside the latter’s OSPF domain, the PE router presents itself as an ASBR (Autonomous System Border Router), and distributes the route in a type 5 LSA. The DN bit [OSPF-DN] MUST be set in these LSAs to ensure that they will be ignored by any other PE routers that receive them.” 

For more information about Down bit according to RFC 4577 please read more herE. http://tools.ietf.org/html/rfc4577#section-4.2.5.1.